Security News
Google Chrome is now blocking HTTP, HTTPS, and FTP access to TCP port 10080 to prevent the ports from being abused in NAT Slipstreaming 2.0 attacks. Last year, security researcher Samy Kamkar disclosed a new version of the NAT Slipstreaming vulnerability that allows scripts on malicious websites to bypass visitors' NAT firewall and gain access to any TCP/UDP port on the visitor's internal network.
Google Chrome is now blocking HTTP, HTTPS, and FTP access to TCP port 10080 to prevent the ports from being abused in NAT Slipstreaming 2.0 attacks. Last year, security researcher Samy Kamkar disclosed a new version of the NAT Slipstreaming vulnerability that allows scripts on malicious websites to bypass visitors' NAT firewall and gain access to any TCP/UDP port on the visitor's internal network.
Google Chrome developers have announced plans to roll out DNS-over-HTTPS support to Chrome web browser for Linux. Yesterday, the open-source Chromium project which powers the Google Chrome web browser announced plans to release a Chrome for Linux version with DNS-over-HTTPS support.
Google Chrome will switch to choosing HTTPS as the default protocol for all URLs typed in the address bar, starting with the web browser's next stable version. This move is part of a larger effort to defend users from attackers attempting to intercept their unencrypted web traffic and speed up the loading of websites served over HTTPS. "Chrome will now default to HTTPS for most typed navigations that don't specify a protocol," Chrome team's Shweta Panditrao and Mustafa Emre Acer said.
Google is rolling out a new 'Tab Search' feature that allows you to search through your list of open tabs among all open browser windows to find a specific page. If you are like me and commonly have a large number of tabs open simultaneously, you can use the Tab Search feature to search for a particular page among your sea of open tabs.
Google has addressed yet another actively exploited zero-day in Chrome browser, marking the second such fix released by the company within a month. While the update contains a total of five security fixes, the most important flaw rectified by Google concerns a use after free vulnerability in its Blink rendering engine.
For the third time this year, Google has shipped an urgent fix to block in-the-wild zero-day attacks hitting its flagship Chrome browser. The latest emergency Chrome patch, available for Windows, MacOS and Linux, provides cover for at least five documented vulnerabilities.
Google says that the latest Google Chrome version comes with major memory savings on Windows systems and improves energy consumption and overall responsiveness. Google Chrome 89, which rolled out earlier this week, comes with significant Windows memory management improvements, with the browser process requiring up to 22% less memory.
Google Chrome will block the browser's access to TCP port 554 to protect against attacks using the NAT Slipstreaming 2.0 vulnerability. Last year, security researchers disclosed a new version of the NAT Slipstreaming vulnerability that allows malicious scripts to bypass a website visitor's NAT firewall and access any TCP/UDP port on the visitor's internal network.
Google has brought the FPS, or frame rate, reading back to the Google Chrome FPS meter after users were upset about its removal. Google Chrome includes a tool called 'FPS Meter' that allowed users to see the frame rate of a web page they were visiting.